haproxy-1.8.23-3.el8
Errata ID: AXSA:2020-267:02
Release date:
2020/08/18 Tuesday - 08:19
Title:
haproxy-1.8.23-3.el8
Affected channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
The following issues have been addressed.
[Security Fix]
- HAProxy's legacy mode did not correctly reject messages whose transfer-encoding header lacks the "chunked" value; when the http-reuse always setting is in use, this could allow an HTTP request smuggling attack against a vulnerable component. (CVE-2019-18277)
- The HTTP/2 implementation mishandles headers; an attacker could abuse carriage return, NUL and line feed characters to mount intermediary encapsulation attacks. (CVE-2019-19330)
Some of the CVE translations are quoted from JVN.
http://jvndb.jvn.jp/
Solution:
Update the packages.
CVE:
CVE-2019-18277
A flaw was found in HAProxy before 2.0.6. In legacy mode, messages featuring a transfer-encoding header missing the "chunked" value were not being correctly rejected. The impact was limited but if combined with the "http-reuse always" setting, it could be used to help construct an HTTP request smuggling attack against a vulnerable component employing a lenient parser that would ignore the content-length header as soon as it saw a transfer-encoding one (even if not entirely valid according to the specification).
CVE-2019-19330
The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, as demonstrated by carriage return (CR, ASCII 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII 0x0), aka Intermediary Encapsulation Attacks.
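Both CVEs above come down to an intermediary forwarding header fields it should have refused: a Transfer-Encoding that does not end in "chunked" (or that coexists with Content-Length), and HTTP/2 header names or values carrying CR, LF or NUL that become extra header lines once re-serialized as HTTP/1. The checks below are an added illustration written for this advisory, not HAProxy code; the sample requests are constructed, and the function and field names are assumptions.

```python
# Added example (not from the advisory or from HAProxy): strict framing and
# header checks an HTTP intermediary can apply before forwarding a request,
# illustrating the two defect classes behind CVE-2019-18277 and CVE-2019-19330.
from typing import List, Tuple

Header = Tuple[str, str]  # (name, value) as received from the client side


def transfer_encoding_problem(headers: List[Header]) -> str:
    """Return '' if the framing headers are acceptable, else a reason to reject.

    Follows RFC 7230 section 3.3.3: when Transfer-Encoding is present, "chunked"
    must be the final (and only) chunked coding, and the message must not also
    carry Content-Length. A lenient backend that trusts one header while the
    proxy trusted the other is the precondition for request smuggling.
    """
    te_values = [v for (n, v) in headers if n.lower() == "transfer-encoding"]
    cl_values = [v for (n, v) in headers if n.lower() == "content-length"]
    if not te_values:
        return ""
    # Repeated Transfer-Encoding fields combine into one comma-separated list.
    codings = [c.strip().lower() for v in te_values for c in v.split(",") if c.strip()]
    if not codings:
        return "empty transfer-encoding"
    if codings[-1] != "chunked":
        return "transfer-encoding without final chunked coding"
    if codings.count("chunked") > 1:
        return "chunked applied more than once"
    if cl_values:
        return "transfer-encoding and content-length both present"
    return ""


def h2_header_problem(headers: List[Header]) -> str:
    """Return '' if the fields are safe to re-serialize as HTTP/1, else a reason.

    HTTP/2 carries names and values as length-prefixed binary strings, so CR,
    LF and NUL can be present; copying them into an HTTP/1 message lets the
    backend see injected header lines (the CVE-2019-19330 pattern).
    """
    forbidden = ("\r", "\n", "\x00")
    for name, value in headers:
        if not name or any(ch in name for ch in forbidden):
            return f"invalid header name {name!r}"
        if any(ch in value for ch in forbidden):
            return f"CR/LF/NUL in value of {name!r}"
    return ""


def validate_request(headers: List[Header]) -> List[str]:
    """Collect every reason to reject; an empty list means the request is clean."""
    return [r for r in (transfer_encoding_problem(headers), h2_header_problem(headers)) if r]


# Constructed sample requests (hypothetical host names), one per defect class.
SAMPLES = {
    "clean chunked": [("host", "app.internal"), ("transfer-encoding", "chunked")],
    "te missing chunked": [("host", "app.internal"), ("transfer-encoding", "gzip"),
                           ("content-length", "13")],
    "te and cl": [("host", "app.internal"), ("transfer-encoding", "chunked"),
                  ("content-length", "13")],
    "crlf in value": [("host", "app.internal"),
                      ("x-forwarded-for", "10.0.0.1\r\nx-extra: 1")],
}

if __name__ == "__main__":
    for label, hdrs in SAMPLES.items():
        problems = validate_request(hdrs)
        verdict = "accept" if not problems else "reject: " + "; ".join(problems)
        print(f"{label:>20}: {verdict}")
```

Run as a script it prints one verdict per sample; only the first is accepted. The first check is what the HAProxy 1.8 legacy parser was missing for CVE-2019-18277 (the patched package in this advisory adds equivalent rejection), and the second is the kind of per-field validation an HTTP/2 front end needs before it writes an HTTP/1 request to a backend.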
Additional information:
N/A
Download:
SRPMS
- haproxy-1.8.23-3.el8.src.rpm
MD5: 2e3365ea20e18643a8541167fc7eaebc
SHA-256: 713d4bfce85fe8492b905fdf7f93f34a96192e006ad0e5983481971ae61808bd
Size: 2.03 MB
Asianux Server 8 for x86_64
- haproxy-1.8.23-3.el8.x86_64.rpm
MD5: 0ca791fa598099702088fcfa036c64ab
SHA-256: b985ed6b7a35ec019047360e2ccdb804e465729a519e81f02766cc6bdcaac859
Size: 1.34 MB